Antivirus Programs for Mac, Snake Oil or Public Service?

While shopping at one of my local Apple stores the other day, I overheard an earnest conversation about safeguarding Mac computers against things like viruses and trojans. The customer and companion were new to Mac life and were convinced that they should be very worried about viruses. The Apple salesperson on the floor repeatedly assured them that they would not need extra antivirus protection for their Mac. The customer then argued that Symantec makes an antivirus program for Macs, therefore, it must truly be a credible threat, otherwise there would be no such products. Some antivirus products are even sold in Apple stores.

I’ve heard similar arguments before: if companies like Symantec or McAfee make antivirus applications for the Mac, then Macs must truly be vulnerable somehow, somewhere. Steve Jobs and the rest of the Apple cronies must be lying.

I wondered why the Apple salesperson left the Norton AntiVirus argument alone. I’ve spoken with a number of Apple reps over the years and there seem to be two concrete answers to the Mac antivirus conundrum: 1) Mac-based antivirus programs are "snake oil" baloneyware, completely unnecessary for OS X users, and 2) programs like Norton AntiVirus are primarily effective as protection for non-Mac users, making Mac computers a sort of immunized filtration point or prophylaxis against Windows bugs.

The saying "if it ain’t broke, don’t fix it" is perfect when describing the management and use of a Mac computer in a virus-ridden world. By virtue of its design and architecture, OS X is not susceptible to the countless and ever-spawning viruses, Trojans, and other malware plaguing Windows-based operating systems and programs. Maintaining the core security of an OS is typically something that requires a vigilant eye, massive dedication, and an enormous budget. Such a dramatic undertaking could be one reason why some operating systems spring leaks like an old rusty pipe.

In the case of OS X, it is built primarily upon the open source “Darwin” operating system, which is similar to the UNIX operating system. Both Darwin and UNIX are immensely stable and secure, and OS X benefits greatly from that. Furthermore, Apple has proven itself time and time again with regard to anticipating and eliminating potential threats with extreme prejudice. To date, OS X has remained safe and sound, especially when compared to its W2K and XP counterparts. In this light, using antivirus applications on OS X really seems like a waste of time, money, and processor cycles.

I’ve heard a number of virus-fearing Mac users proclaim that even if there aren’t any Mac viruses now, by having an antivirus program running on their Macs, they’ll be protected if a virus finally hits. They say it’s worth $60 and horked system resources to keep an antivirus program running in anticipation of an unlikely event, rather than suffering untold damage from potential malware. This logic is based on the rationale of "an ounce of prevention is worth a pound of cure." It’s a sensible approach in a way— laudable — but it’s also a bit like wearing a tinfoil hat to prevent NSA satellites from someday reading one’s brain waves. Caution is good, but its need can be greatly exaggerated or even manufactured through the spreading of false or misleading information, fear, uncertainty, and doubt.

Additionally, the ultra-cautious approach tends to overlook the fact that the combined intelligence of the open source community, along with Apple’s countless developers and security experts, have spent millions of man hours making sure that OS X is safe from viruses. So when the new Mac user asks for an ounce of prevention, remind them that they’re already getting metric tons of prevention when they step into OS X, and to date, there’s nothing to cure.

"So, if OS X is so darned secure, why do Symantec, McAfee, and other companies have products for sale? More importantly, why are those products being purchased? And why are there open source (and free) antivirus applications for the Mac?"

There’s an old maxim that says if you lay down with dogs, you’ll wake with fleas. For those who have never heard the saying, or who don’t get it, it essentially means that if you involve yourself with less reliable or desirable people, habits, or in this case, tools of a trade, you will likely find yourself experiencing the negative side effects of said association. If you consort with criminals or people of low moral character, you’ll likely wind up in personal danger or with a damaged reputation. If you use a virus-prone productivity suite, you’re bound to get viruses…

Because Microsoft Office is the undisputed standard for business and personal productivity, and since Apple doesn’t offer an Excel-compatible spreadsheet application, most Mac users will install MS Office. Using Office on Mac systems seems to be universally acceptable, and even Steve Jobs has repeatedly made a point of of mentioning how well Office integrates with OS X. The truth is that MS Office works quite well with OS X, and when using Office on the Mac, you’ll get the same features and functionality as if you were using Office on a PC.

However, MS Office applications (and Windows itself) are commonly threatened by Word, Excel, and PowerPoint viruses, macros, and trojans. Just search Google for Microsoft Word macro viruses and you’ll find thousands of detailed references, warnings, patches, etc. Though not brand new, Symantec found yet another PowerPoint-triggered virus and aptly named it "Trojan.PPDropper.B". (Trojan pee pee dropper. Yech. I know PP stands for PowerPoint, but come on; it sounds like something you’d go to a urologist to fix.) Other Microsoft Office-related viruses install keyloggers to secretly record everything you type on your computer. Macro viruses seem to be a part of life when using Microsoft Office. It’s one reason why users or system administrators need to keep their Office suites and operating systems fully updated, patched, and protected.

You’ll find that OS X won’t suffer the sting of malware that can infect Windows systems. It is true that dangerous Word macros can be transmitted from PCs to Macs, and even from PC to PC via a Mac. Just move a virus-infected file onto a Mac from any CD or flash drive and that Mac will technically have a virus on it. But like an experienced and competent doctor working in an infectious diseases or quarantine ward, the Mac is simply immune to those Windows-centric bugs and will not suffer any malevolent effect.

As a matter of disclosure, there has been only one known trojan written for the OS X system (back in early 2006). But, because it required uncompressing, double-clicking to open, and then granting the system administrator’s password to install, it was a very, very limited threat. Only the truly clueless or inebriated user would manage to fall prey. Historically speaking, a funky Word macro was reported to have caused some Mac users minor annoyances in an older version of Office for Mac years ago. The Mac community found it ironic that this unique annoyance was tied directly and solely to Microsoft Office. While this was an issue with Word itself, it’s well known that OS X was completely safe.

So again, why use antivirus for Mac if OS X is so resistant and occasions for use are so rare or nonexistent? For brotherly love; for a public service; out of the kindness of your hearts. If a Mac user receives a virus-infected e-mail or document, it won’t harm his or her computer. But when the Mac user then unwittingly forwards the infected e-mail or document to another PC user, the PC user’s computer — if not thoroughly protected — will receive the erstwhile dormant virus and could succumb to whatever nasty intentions the virus has. The Mac user, thanks to the protection of OS X, would probably never be aware that a virus ever existed. But the poor Windows user receiving the file probably won’t be so lucky.

Why doesn’t Symantec make this situation clear? Why does McAfee spread fear, uncertainty, and doubt about OS X security with "scary" press releases like, "Is OS X the new Windows?" To make sales, of course!

As for Norton AntiVirus and McAfee’s Virex, they’re known throughout the Mac community as dangerous processor hogs that can do more harm than good. These programs have been plagued for years by highly critical flaws, false positives (which means that the antivirus program was attacking and sometimes ruining valid system files and non-infected files), and a number of other issues that resulted in slow system performance and worse. Even McAfee’s newest Universal Binary version of Virex (quietly renamed VirusScan) admittedly catches false positives once in a while. Of course, their PR department puts a positive spin on it, like, "Now with fewer false positives!" In short, it seems very ill advised to use Norton AntiVirus or McAfee Virex on a Mac. The iatrogenic troubles appear to far outweigh the potential value.

McAfee Screenshot

Just because OS X has remained secure, Mac owners shouldn’t use their computers in a stupid or haphazard manner. Stay away from potentially harmful websites, always be cautious about downloading or opening files from unknown sources — especially when opening such a file results in a request for your system password, make sure file extensions (.pdf, .jpg, .doc, etc.) are turned on, keep your OS X security updates current, engage the firewall built into OS X, use a router with firewall settings, keep your wireless network encrypted, maintain timely and proper backups of your system and/or critical files, and for goodness’ sake — be discreet with your system password.

Also worth mentioning are the growing number of Office alternatives that have been growing in popularity with both OS X and Windows users. Free and open source apps like NeoOffice, OpenOffice, ThinkFree, and Google Docs & Spreadsheets are easy to find and use. The newest entry to Word replacements is the free Universal Binary app called "Bean".

Open Office Screenshot

For those who still need to wear the tinfoil hat, or for Mac users who would like to help prevent the spread of viruses to their Windows-using friends and colleagues, there are some antivirus applications available for download via trusted sites like versiontracker.com and macupdate.com. The most popular and trusted (and least buggy) application is ClamXav. It’s fast, easy, and protects OS X against threats that may never materialize. It also catches bugs that hurt Windows machines. Your Windows friends may thank you, but the likelihood is they’ll never know you helped them.

Whether you choose to run ClamXav or not, you’ll at least know that OS X is safe and sound in its native form.

ClamXav Screenshot

Editors' Recommendations